Mac Defender malware: A survival guide for OS X users

Here's what you need to know to avoid the perils of Mac Defender.

Apple says it has a fix in the works for the Mac Defender fake antivirus app that has plagued a surprising number of Mac users in recent weeks. The company recently posted a Mac Defender support page explaining how you can remove the malware from your system. Apple also says it will roll out an OS X software update to protect Mac users from future attacks.

Apple's technical support services have reportedly seen an uptick in complaints about Mac Defender malware attacks. One Apple Care representative recently told ZDNet that at its height 50 percent of customer support calls were seeking help for Mac Defender problems. At first, Apple was reportedly reluctant to help users remove the malware, saying it didn't want to set an expectation for future widespread malware problems.

But Apple had a change of heart since then and wants to deal with the problem head on. If you're a Mac user infected with Mac Defender or a person who just wants to brush up on your online security know-how, here's what you need to avoid the perils of Mac Defender.

What is Mac Defender?

Mac Defender is a fake antivirus program that tries to trick you into installing it on your OS X system (there is also a Windows variant). The program can be automatically downloaded to your computer through a malicious site or a pop-up might appear in your browser trying to convince you to download the rogue app.

Once Mac Defender is running on your system it will try to trick you into handing over your credit card information. Mac Defender tells you that your system has malware and claims that apps such as the Terminal are infected. It may also open browser windows and visit porn sites in an attempt to scare you into thinking you have a virus. Then the rogue app offers to fix your problem if you purchase the full version of Mac Defender. Once it has your credit card information, the porn pop-ups disappear, but now the bad guys have your credit card details.

Does Mac Defender Have Other Names?

The fake antivirus also goes by other names including MacProtector and MacSecurity, as well as Mac Defender.

Is this Malware related to MacDefender.org?

No.

What is Apple Doing About this?

Apple recently posted a Mac Defender support page on the company's site promising a software update for OS X. The update will search out and destroy Mac Defender malware if it's on your system. The security update will also alert you against downloading the scam app whenever you come across Mac Defender online.

I'm Infected. What Do I Do?

Apple has a detailed explanation on its Mac Defender support page about what you should do but here are the basics.

Before You Download

If you see the pop-up online, Apple recommends that you quit your browser immediately. If you can't shut it down normally then use the force quit option by pressing Command-Option-Escape. Then select your browser from the "Force Quit Applications" window and press the "Force Quit" button.

After You Download

If you've downloaded Mac Defender or one of its variants, but haven't installed it yet, then simply throw the download package (usually a mkpg.zip file) in the Trash. To be extra safe dump your Trash right away by clicking and holding on the Trash icon until a menu appears and then click "Empty Trash."

After You Install

If you have already downloaded Mac Defender and installed it on your system see the Apple support page under the sub-heading "Removal steps" for a step-by-step guide to removing the app. Under no circumstances should you ever provide Mac Defender or its variants with your credit card details.

Is this the End of the Age of Innocence for the Mac?

That's a hotly debated issue right now among Mac advocates and critics. There has been an uptick in malware activity for Mac recently. Not only has Mac Defender appeared, but there's also a new, high-priced software kit that lets anyone build malware for the Mac. But the truth is the bigger target for malware makers is still the Windows platform. Mac users are such a small segment of the overall global PC population that it's hard for an enterprising criminal to justify targeting such a miniscule number of users. Consider that about 80 million to 90 million PCs are shipped every three months. Apple, meanwhile, sold just over 13 million Macs in all of 2010.

That said, you should probably play it safe and expect to see more Mac-related malware in the wild. In late 2010, Panda security said it was seeing 500 new strains of Mac-specific malware every month.

Steps for the Future

If you're concerned about your computer's security, one of the best things you can do is download real antivirus software such as Sophos' free Mac antivirus program. Even if you refuse to run a security program full time, at the very least you should consider downloading an antivirus program so you can run a full disk scan every week or so.

But, just as Windows users have found out, the best way to stay safe online is to use common sense. If a pop-up window appears asking you to download software, do not agree to download it unless you were the one who initiated the download. If a program you don't recognize asks you for permission to install itself, don't do it. If you can't quit a browser window because of a misbehaving pop-up then force quit the program by clicking command-option-escape. If that doesn't work, try opening terminal and type in killall "browser name" where you substitute "browser name" (including the quotes) for your browser's full application name such as killall "Google Chrome" and not killall "Chrome."

For more tips on how to stay safe online check out PCWorld's How To Safeguard Your Security Online.

Connect with Ian Paul ( @ianpaul ) and Today@PCWorld on Twitter for the latest tech news and analysis.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags online securityAppleMac OSsecuritysoftwareoperating systemsmalwareantivirus

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Ian Paul

PC World (US online)
Show Comments

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?